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CLAIMS: 



1 . A method for generating a common secret data item between a first user 

facility i and a second user facility j through by each such user facility executing mutually 
symmetric operations on respective complementary data items that are based on respectively 
unique quantities and that are at least in part secret, and wherein an outcome of said 
5 operations is used in both said user facilities as said common secret data item, 
said method being characterized in being based on defining said 
complementary data belonging to a GAP Diffie-Hellmann Problem that is defined in an 
Abelian Variety. 

10 2. A method as claimed in Claim 1 , wherein said Abelian Variety has a 

dimension one through being an elliptic curve. 

3. A method as claimed in Claim 1, comprising applying a pairing F featuring a 
bilinearity property, a non-degeneration property, and a computability property to two 

1 5 linearly independent points P and D(P) on said Abelian Variety. 

4. A method as claimed in Claim 1, wherein said operations for user facility i are 
based on one-way functions f, g according to Si = f T ( n ) and Pi = g ( r f ), wherein parameter 
T is a master secret acquired from a trusted master facility, outcome S is being maintained 

20 secret, and common secret data are calculated according to 

K ij = F(S i ,P j )=F(S j , Pi) = Kji. 

5. A method as claimed in Claim 4, wherein said operations base on data S \ and 
Pi 

25 Si:su=T n + r,Ti 2 ; (5') s i2 = T 2 i + riT 22 ; (6') 

Pi:pii = r,P; (7') p i2 = ri 2 P; (8'). 



6. A method as claimed in Claim 1, wherein user facility 1 sends data 

riD(P),ri 2 D(P)to user facility 2, user facility 2 sends data 
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r 2 D ( P ) , r 2 2 D ( P ) to user facility 1, followed by user facility 1 checking whether the 
triple 

r 2 D(P),r 2 D(P),r 2 2 D(P)isa Diffie-Hellmann triple, and user facility 2 whether 
the triple ri D(P),r i D(P),n 2 D ( P ) is a Diffie-Hellmann triple, and in the positive 
5 case calculating the common secret by user facility 1 according to 
n^eatw + rxt^P^CrO^ 

wherein ti 2 = t 2 \ and v(r 2 ) k stands for the k-th component of the vector v(r 2 ). 

7. A method as claimed in Claim 1, and furthermore comprising a revocation 
10 scheme on top of its standard scheme for excluding one or more selected user facilities 

through assigning to every user facility its own unique parameters. 

8. A method as claimed in Claim 1, wherein the generating of such shared secret 
is used as an initial step in an identification or authentication procedure. 

15 

9. A method as claimed in Claim 1 , wherein the Weil Pairing is evaluated at an 
instant in time that lies substantially before executing the protocol proper. 

10. A method as claimed in Claim 1, and comprising an updating of secret 
20 information against divulgation of an earlier secret information. 

11. A method as claimed in Claim 1 , and being executed through using only a 
single integrated cryptography level. 

25 12. A method as claimed in Claim 1, where a randomization scheme is applied to 

the common secret. 

13. A method as claimed in Claim 12, where the randomization scheme is based 
on a challenge-response mechanism. 

30 

14. A system comprising a first user facility and a second user facility, and being 
arranged to communicate according to the method as claimed in Claim 1 . 
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15. A device being arranged to operate as the first and/or second user facility in a 
system as claimed in Claim 14. 

16. A computer program product comprising instructions for controlling one or 
more data processing oriented hardware entities to implement a method as claimed in Claim 
1. 



